>>> Decoding "deep" attacks Iranian nuclear reactor
Symantec (USA) conducted a survey with 1,580 companies in the world related to key infrastructure such as banks, emergency services, telecommunications and applications. Half of them admitted they had to resist political motives.
Image for illustrative purposes. (Internet source)
According to The Age, a survey of this type of attack (rarely made public because of the risk of panic) suggests that companies must experience an average of 10 cases involving virtual warfare or terrorism. online for the past 5 years with losses of about 850,000 USD per company.
These numbers are just the beginning. Nearly half of the companies participating in the survey believe that the size and extent of danger of attacks will increase. " Real-life attacks are real and more and more companies think they are for political purposes, " said Craig Scroggie, Symantec's vice president for Pacific.
The results of the US security firm were published after Microsoft Chief Executive Steve Ballmer warned the Stuxnet worm could be detrimental to the development of the world economy, while the Iranian Foreign Ministry was suspicious. The government of a Western country has spread this worm to undermine its nuclear program.
Unlike other viruses written only to exploit information on computers, the Stuxnet worm is " unusually malicious " because it is the first software to be programmed to control systems related to Important works of the industry. In addition, hackers often use only one vulnerability, but Stuxnet exploits five vulnerabilities at the same time.
" It must be very good to find five weaknesses in a software, " Scroggie said. Symantec estimates that 10 experts who work continuously for 6 months can " produce " a professional worm like Stuxnet.
The infamous Stuxnet worm, whose full name is Worm.Win32.Stuxnet, is basically considered an industrial spy tool, because it is designed to amplify the number of visits to the Siemens WinCC, Recovery OS. service for data collection and production monitoring. Since appearing almost a year ago, security experts have always given Stuxnet a close watch. In addition to exploiting security holes when handling LNK and PIF files, Stuxnet also uses four other Windows vulnerabilities. One of these four holes was exploited by Conficker worm in early 2009.
Alexander Gostev, a Kaspersky Lab security expert, said: " Stuxnet is the first malicious program to exploit five security flaws at the same time. It is the first threat to contain a lot of surprises in just one package. The only thing we ever encountered. This is really a treasure trove of hackers . "